Skip to Content.
Sympa Menu

technical-discuss - Re: [InC-Technical] Fwd: who needs support for ECP?

Subject: InCommon Technical Discussions

List archive

Re: [InC-Technical] Fwd: who needs support for ECP?


Chronological Thread 
  • From: "Farmer, Jacob" <>
  • To: Nick Roy <>
  • Cc: "" <>
  • Subject: Re: [InC-Technical] Fwd: who needs support for ECP?
  • Date: Thu, 7 Sep 2017 21:39:13 +0000
  • Accept-language: en-US
  • Ironport-phdr: 9a23:b1PIOBTBQlltTFgkyQqvKq3Aktpsv+yvbD5Q0YIujvd0So/mwa6zYBCN2/xhgRfzUJnB7Loc0qyN4vCmATRIyK3CmUhKSIZLWR4BhJdetC0bK+nBN3fGKuX3ZTcxBsVIWQwt1Xi6NU9IBJS2PAWK8TW94jEIBxrwKxd+KPjrFY7OlcS30P2594HObwlSijewZbB/IA+qoQnNq8IbnZZsJqEtxxXTv3BGYf5WxWRmJVKSmxbz+MK994N9/ipTpvws6ddOXb31cKokQ7NYCi8mM30u683wqRbDVwqP6WACXWgQjxFFHhLK7BD+Xpf2ryv6qu9w0zSUMMHqUbw5Xymp4rx1QxH0ligIKz858HnWisNuiqJbvAmhrAF7z4LNfY2ZKOZycqbbcNgHR2ROQ9xRWjRBDI2icoUPE+QPM+VWr4b/u1QBogCzChOwCOPq0DJEmmP60bM83u88EQ/GxgsgH9cWvXjarNv6Lr0SUeWrw6nS1TnIcvdY1i3h54jPaR8tr+yHULVyccrJx0kgDRnFjlCOpoz/JD6V1/kNv3KF4OV9SOKikmgqoBx/rDiow8cjkIjJhoQNx1DL9CV53IY1JcCjR0Jhe9KkEZxQuzmVN4t3XsMiQ3xotz0gxr0Hvp63ZDUFx449yB7EavyLaZWH7QzlWe2MIjl4nGpodK+hixu260StyOnxWtOp3FpQsyZIkdrBumgD1xPN6cWLVv5w80K/1TmTyQ/c8ORJLV41mKbGJZ4sx7A9moYRvEveGyL7l1n5gLOQe0454Oan8f7nba/jppKEN497lAX+MqM2l8y/G+s4KBQOX22B9uS6zrHj4Ez5QKlRjvEsk6nZto3VJcUBqa6/GQBZyJgs5AuiDzu+0dQYm2cILE5ddR6akYTkP0vCLfL8APulnligiipnyvPFM7H5B5XCNHnDkLPvfbZn7E5czRI+zdJH55JaEL4BOvfzVVHrtNHDDx85Lha4zPj6B9Vgzo8eQ36AAreFMKPOtl+F/uMvI++Qa48SvTb9Lv8l5/j0gX8+g18dcrCl3YcJZ3+kHvRmJUSZbmb2jdcFCGsFows+TPf2h12fSj5TfG2/X6Y95jEgFIKmFpnPSpqsgLyHwCe0AIdWZmZYBVCQD3vkbZuLVOoRaHHaH8l6jzZRULGgT5Mmhwq/sRfz47thJe3R/yoe85X524tJ4Lj1lBoxvQZzHozJ1XuKXkl1mH8FXTk7wPo5rEBgnASty6991rZ2HMZW6ukNGiUzPpnWhaQuCcj8UxjEc82hSUvgT9m7V2JiBuktysMDNh4uU+6piQrOim/zW+cY
Nick,

Could you create something like a Google form for people to report their usage? That might facilitate a large volume of responses.

Jacob

On Sep 7, 2017, at 5:33 PM, Nick Roy <> wrote:

FYI - it would be good to understand the use of ECP in InCommon.  How many of you use/need ECP?  It is included as a MUST for IdPs in the Kantara SAMLv2.0 Implementation Profile for Federation Interoperability: https://kantarainitiative.github.io/SAMLprofiles/fedinterop.html  It is possible that could change if few real use cases exist.

Best,

Nick


-------- Forwarded Message --------
Subject: who needs support for ECP?
Resent-From:
Date: Thu, 7 Sep 2017 20:43:53 +0200
From: Peter
To:
CC: 


Dear FIM4R people,

within AARC2 a very lively and sophisticated discussion has taken place 
about the question whether SAML ECP should be mandatory or not in a SAML 
idP software
conformance document.

Although the main use case of ECP (non-web SSO) can be handled by other 
technologies such as OAuth2/OIDC, a number of SAML based deployments 
need ECP. The question is, how high this number is, and the idea came up 
to ask this list, which I am doing herewith:

Who of you think that a proper SAML IdP-Implementation should support 
ECP and who uses it within their research infrastructure.

To start answering the question:

In DARIAH we have specified and implemented a Storage API that uses ECP 
for authentication. A second version of this API also supports OAuth2, 
thus although we would not need ECP support any more I still think that 
a SAML document should mandate ECP so that named use cases could be 
implemented within one technology stack such as  SAML. There might be 
security considerations though that speak against ECP.

So now its your turn to answer the question ;-)

Cheers

Peter


-- 
_______________________________________________________________________

Peter Gietz (CEO)
DAASI International GmbH                   phone: +49 7071 407109-0
Europaplatz 3                              Fax:   +49 7071 407109-9
D-72072 Tübingen                           mail:  
Germany                                    Web:   www.daasi.de

DAASI International GmbH, Tübingen
Geschäftsführer Peter Gietz, Amtsgericht Stuttgart HRB 382175

Directory Applications for Advanced Security and Information Management
_______________________________________________________________________
To unsubscribe from this list, send email to with the subject: unsubscribe technical-discuss

Archive powered by MHonArc 2.6.19.

Top of Page